> was playing with this, testing to see how well I could use it to allow and
> deny hosts. I noticed that it did not behave in the way I anticipated.
> Obviously the firewall is the best place to do this to block external
hosts.
> It seems that a pattern of -192.168.9.1 will block 192.168.9.1,
> 192.168.9.10, and 192.168.9.100. However if I use -192.168.100.010, it
does
> not block anything (hoping it would block only 192.168.9.10).
> I looked at the code section for this. but it has been so long since I
have
> even looked at c or c++ code, I cannot figure out how to change it. I do
not
> have the ability to test to see if this behaves the same way for subnets
> (will -192.168.1 block 192.168.1, 192.168.10, and 192.168.100 ?)
Oh dear. It seems I'm a clueless muppet.
Yes, the code simply treates the AuthHosts "sections" as a rudimentary
prefix filter. What it should *actually* do is filter to the last
IP-address part specified, so that 192.168.9.1 just matches itself, while
192.168.9 matches anything in that 256-entry subnet.
Sorry. My fault. I'll work on a patch ASAP.
Cheers,
James "Wez" Weatherall
--
"The path to enlightenment is /usr/bin/enlightenment"
Laboratory for Communications Engineering, Cambridge - Tel : 766513
AT&T Labs Cambridge, UK - Tel : 343000
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
